7762 matches found
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves the distribution of resources without any restrictions or controls. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. "The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to...
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP...
The vulnerability of the virtiopciadmin_devparts_get() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the virtiopciadmindevpartsget function in the Linux operating system is related to the unlimited distribution of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
org.glassfish.main.distributions:glassfish (>=4.0 <=4.0-b90), org.glassfish.main.distributions:web (>=4.0 <=4.0-b90) +4 more potentially affected by CVE-2024-10032 via org.glassfish.main.admingui:console-cluster-plugin (>=4.0 <=9.0.0-M2)
org.glassfish.main.admingui:console-cluster-plugin MAVEN version =4.0, =4.0, =4.0, =6.2.5, =4.1, =4.1, =4.0, =5.0 Source cves: CVE-2024-10032 Source advisory: SNYK:JAVA-ORGGLASSFISHMAINADMINGUI-10946489...
Secure Quantum Key Distribution against Correlated Leakage Source
Quantum key distribution (QKD) provides information-theoretic security based on quantum mechanics; however, its practical deployment is challenged by imperfections of source devices. Among various source loopholes, correlations between transmitted pulses pose a significant yet underexplored securit...
An Adversarial Quantum Key Distribution Project
Quantum key distribution (QKD) is a popular introduction to quantum technologies used in education and public outreach, as very little background in quantum theory is needed and the practical applications are easily understood. There is considerably less exposure to the many real-world consideratio...
Finite-Correlation-Secure Quantum Key Distribution
Correlation between different pulses is a nettlesome problem in quantum key distribution (QKD). All existing solutions for this problem need to characterize the strength of the correlation, which may reduce the security of QKD to an accurate characterization. In this article, we propose a new...
The vulnerability of the KDC Proxy Service (KPSSVC) on Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the KDC Proxy Service (KPSSVC) on Microsoft Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Hybrid Quantum Security for IPsec
Quantum Key Distribution (QKD) offers information-theoretic security against quantum computing threats, but integrating QKD into existing security protocols remains an unsolved challenge due to fundamental mismatches between pre-distributed quantum keys and computational key exchange paradigms. Thi...
The vulnerability of the multipart/form-data component in the web framework and the asynchronous networking library Tornado, which allows a hacker to trigger a service failure
The vulnerability of the multipart/form-data component of the web framework and the asynchronous networking library Tornado is related to the use of incorrect authentication tokens due to unlimited resource distribution. Exploiting this vulnerability can allow a malicious actor to cause service...
CVE-2025-3497
The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product...
CVE-2025-3497 Radiflow iSAP Smart Collector Linux distribution unmaintained
The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product...
CVE-2025-3497
Technical details about CVE-2025-3497 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
Improper Input Validation
transformers is vulnerable to improper input validation. The vulnerability is due to insecure URL validation using the startswith method in imageutils.py, which allows an attacker to exploit URL username injection to craft deceptive URLs that appear to originate from trusted sources like YouTube,...
Radiflow iSAP Smart Collector Security Vulnerability
Radiflow iSAP Smart Collector is a remote traffic collection and forwarding appliance designed for industrial networks from Radiflow USA. A security vulnerability exists in Radiflow iSAP Smart Collector that stems from an outdated underlying Linux distribution, which could result in an unmitigate...
FedP3E: Privacy-Preserving Prototype Exchange for Non-IID IoT Malware Detection in Cross-Silo Federated Learning
As IoT ecosystems continue to expand across critical sectors, they have become prominent targets for increasingly sophisticated and large-scale malware attacks. The evolving threat landscape, combined with the sensitive nature of IoT-generated data, demands detection frameworks that are both...
PT-2025-28861 · Red Hat +1 · Centos 7 +1
Name of the Vulnerable Software and Affected Versions: Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20). Description: The Linux distribution underlying the Radiflow iSAP Smart Collector is obsolete and has reached end of life, posing a cybersecurity risk. Any unmitigated vulnerability could be...
Cosmos SDK's Integer Overflow vulnerability in its Validator Rewards pool can cause a chain halt
Description Name: ISA-2025-005: Integer Overflow in Cosmos SDK Component: CosmosSDK Criticality: High (Considerable Impact; Likely Likelihood per ACMv1.2) Affected versions: = v0.50.13, = 0.53.2 Affected users: Validators, Full nodes, Users on chains that utilize the distribution module Cosmos SDK...